733 B
733 B
CVE-2010-4916
Description
Multiple SQL injection vulnerabilities in index.cfm in ColdGen ColdUserGroup 1.06 allow remote attackers to execute arbitrary SQL commands via the (1) ArticleID or (2) LibraryID parameter.
POC
Reference
- http://packetstormsecurity.org/1009-exploits/coldusergroup-sql.txt
- http://securityreason.com/securityalert/8448
Github
No PoCs found on GitHub currently.